Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/W5sU-ZO6WBhRXGkiRRiQQs5_9rk.roa
File: W5sU-ZO6WBhRXGkiRRiQQs5_9rk.roa (raw, json)
Hash identifier: buoQ3JOzvBjf3H+zLixOxcXYRqSn97Vev1LEOeeiEno=
Subject key identifier: 5B:9B:14:F9:93:BA:58:18:51:5C:69:22:45:18:90:42:CE:7F:F6:B9
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0194A83EAAF5BE0CF17BE72D29EF55D59269
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/W5sU-ZO6WBhRXGkiRRiQQs5_9rk.roa
Signing time: Mon 27 Jan 2025 14:51:06 +0000
ROA not before: Mon 27 Jan 2025 14:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200195
IP address blocks: 45.89.60.0/24 maxlen: 24
45.89.61.0/24 maxlen: 24
45.150.66.0/24 maxlen: 32
91.211.114.0/24 maxlen: 24
138.124.181.0/24 maxlen: 24
2a0e:4005::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:3e:aa:f5:be:0c:f1:7b:e7:2d:29:ef:55:d5:92:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 27 14:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b9b14f993ba5818515c692245189042ce7ff6b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:49:bd:3d:e2:ab:65:f4:5b:72:60:94:98:7f:
ef:8b:20:25:cb:e7:dd:50:f7:09:83:37:a6:b0:bb:
a0:c4:f1:0c:45:44:d7:3d:8f:68:80:e6:ed:26:26:
aa:aa:38:e4:e4:98:24:aa:ab:67:12:0e:c4:1f:e7:
7f:a5:19:c5:e4:29:59:d0:45:02:3d:c6:26:e5:89:
02:48:67:ca:14:72:00:43:9e:23:50:ea:82:cb:10:
a1:6c:34:89:b7:d3:12:85:2f:55:8f:fa:79:df:b6:
51:ad:5b:f9:ee:47:78:e9:59:73:2c:96:d0:18:8d:
b5:36:f7:34:5a:6f:3e:ed:d4:a5:ae:99:80:49:62:
74:c1:6d:ce:cc:66:da:45:22:5a:08:c0:a5:62:2d:
52:e8:e3:5f:fa:66:f0:f2:7e:3d:6d:f9:c4:50:ea:
c7:6a:e1:38:4c:af:17:b5:89:6d:c2:28:cd:c2:c5:
2f:0d:ca:91:f0:2c:04:0a:b9:36:63:fb:53:ca:f2:
aa:c5:81:bd:48:3c:21:f5:2e:d6:3e:72:9b:a2:65:
15:b0:25:12:5f:b5:32:46:1e:f4:cc:b1:20:d8:9e:
b1:ae:e3:2b:21:d0:23:ef:c1:ea:eb:95:43:fc:41:
9e:d6:e7:b3:23:48:ec:0e:f4:15:88:c7:26:1f:72:
a6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:9B:14:F9:93:BA:58:18:51:5C:69:22:45:18:90:42:CE:7F:F6:B9
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/W5sU-ZO6WBhRXGkiRRiQQs5_9rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.60.0/23
45.150.66.0/24
91.211.114.0/24
138.124.181.0/24
IPv6:
2a0e:4005::/32
Signature Algorithm: sha256WithRSAEncryption
0c:41:b9:e9:c1:11:d8:97:09:32:c6:be:c4:bf:ed:06:9f:90:
23:3d:64:f1:78:b0:75:ab:86:70:14:e7:db:90:38:3f:1f:79:
01:c7:23:56:a2:72:8c:5d:69:99:a1:9c:3d:f6:b3:11:88:e4:
34:f1:24:68:00:a5:d2:a5:0a:03:9e:e9:c1:6b:95:a6:ba:05:
87:8b:41:81:65:f0:c3:05:02:49:3f:59:36:33:28:7b:27:7a:
3a:89:cd:62:ec:0a:86:d1:ef:a0:20:8d:a5:3a:cf:58:1f:e6:
63:15:04:10:a1:ed:f5:09:f1:60:b8:48:6f:29:34:34:29:4d:
6a:f1:5d:69:0d:36:3c:52:46:cf:da:ca:aa:e5:58:2a:65:cc:
62:a1:15:91:46:de:3c:b1:cf:1d:e6:13:aa:72:50:fe:3e:d6:
5d:93:e0:bc:82:76:67:3b:9a:1b:6a:95:ba:04:b3:8e:14:80:
0e:f2:6b:51:23:bc:64:c4:a1:af:5b:e3:34:8f:63:61:19:ef:
9b:4c:0b:2a:7f:a8:42:66:b3:95:3e:bf:b7:d0:c6:5f:6e:ec:
ab:f3:71:af:04:2d:f9:a3:a3:bf:54:7c:4d:24:96:d4:58:83:
83:65:1f:06:18:aa:4e:31:ad:58:28:b2:70:ea:8b:cc:7a:2f:
96:03:b8:47
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZSoPqr1vgzxe+ctKe9V1ZJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUwMTI3MTQ1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjliMTRmOTkzYmE1ODE4NTE1YzY5MjI0NTE4OTA0MmNlN2ZmNmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUm9PeKrZfRbcmCUmH/viyAly+fd
UPcJgzemsLugxPEMRUTXPY9ogObtJiaqqjjk5JgkqqtnEg7EH+d/pRnF5ClZ0EUC
PcYm5YkCSGfKFHIAQ54jUOqCyxChbDSJt9MShS9Vj/p537ZRrVv57kd46VlzLJbQ
GI21Nvc0Wm8+7dSlrpmASWJ0wW3OzGbaRSJaCMClYi1S6ONf+mbw8n49bfnEUOrH
auE4TK8XtYltwijNwsUvDcqR8CwECrk2Y/tTyvKqxYG9SDwh9S7WPnKbomUVsCUS
X7UyRh70zLEg2J6xruMrIdAj78Hq65VD/EGe1uezI0jsDvQViMcmH3KmYQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFubFPmTulgYUVxpIkUYkELOf/a5MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvVzVzVS1aTzZXQmhSWEdraVJSaVFRczVfOXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBLVk8AwQA
LZZCAwQAW9NyAwQAiny1MA0EAgACMAcDBQAqDkAFMA0GCSqGSIb3DQEBCwUAA4IB
AQAMQbnpwRHYlwkyxr7Ev+0Gn5AjPWTxeLB1q4ZwFOfbkDg/H3kBxyNWonKMXWmZ
oZw99rMRiOQ08SRoAKXSpQoDnunBa5WmugWHi0GBZfDDBQJJP1k2Myh7J3o6ic1i
7AqG0e+gII2lOs9YH+ZjFQQQoe31CfFguEhvKTQ0KU1q8V1pDTY8UkbP2sqq5Vgq
ZcxioRWRRt48sc8d5hOqclD+PtZdk+C8gnZnO5obapW6BLOOFIAO8mtRI7xkxKGv
W+M0j2NhGe+bTAsqf6hCZrOVPr+30MZfbuyr83GvBC35o6O/VHxNJJbUWIODZR8G
GKpOMa1YKLJw6ovMei+WA7hH
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:12:45 2025 by rpki-client